Main Vulnerability Database Exploits ID:4032 - Exploit for Cryptographic issues in Linux kernel - CVE-2013-4579

ID:4032 - Exploit for Cryptographic issues in Linux kernel - CVE-2013-4579

Published: August 11, 2020

Vulnerability identifier: #VU42356

Vulnerability risk: Medium

CVE-ID: CVE-2013-4579

CWE-ID: CWE-310

Exploitation vector: Remote access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/38826/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.

Remediation

Install update from vendor's website.

ID:4032 - Exploit for Cryptographic issues in Linux kernel - CVE-2013-4579

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human